Perimeter + InfraPilot

Secure your cloud
before and after deploy

Two products. One platform. InfraPilot validates what you’re planning. Perimeter monitors what’s running. Together, complete lifecycle coverage.

Explore Perimeter Explore InfraPilot

Two Products, One Platform

Complete cloud lifecycle security

Each product works standalone. Together, they create compound intelligence no competitor can match.

Perimeter

Runtime Security Platform

Continuous AWS security posture management. 476 scanner rules across 60+ services, real-time drift detection, CIEM, insider threat, compliance mapping, and AI Security Chat.

476
Scanner rules
60+
AWS services
19
Compliance frameworks
30s
Drift detection
Learn more

InfraPilot AI

Architecture Intelligence Platform

Cloud Preflight Engine. Describe infrastructure in natural language, get cost prediction, readiness scoring, risk detection, and guided architecture coaching — all before deployment.

130+
IaC rules
5
Readiness dimensions
30
Arch diagram rules
$0
No AWS acct needed
Learn more

The Lifecycle

1
Design
InfraPilot InfraCoach
2
Review Code
InfraPilot IaC Scan
3
Gate Deploy
InfraPilot CI/CD
4
Monitor
Perimeter Runtime
5
Predict
Foresight Module
Powered by tiered AI (Claude + Ollama) • AutoResearch optimizes every step nightly
Perimeter

Runtime Security at AWS Depth

Continuous posture management with 476 rules, real-time drift, CIEM, insider threat detection, and 19 compliance frameworks.

476 Security Rules

Deep checks across 60+ AWS services — VPC, IAM, S3, ECS, EKS, Lambda, RDS, and rare services competitors miss.

Real-Time Drift

EventBridge API Destinations push CloudTrail events within 30–90 seconds. 31 monitored actions. No Lambda needed.

CIEM & Insider Threat

8 entitlement rules + 6 behavioral CloudTrail rules. Detect over-permissioned roles, mass secret reads, and geo anomalies.

Secrets & LLMjacking

Scan 5 secret sources + 15 AI/ML threat rules. Detect GPU abuse, Bedrock misconfig, and lateral movement chains.

19 Compliance Frameworks

CIS, PCI-DSS, SOC 2, HIPAA, ISO 27001, NIST, MITRE ATT&CK, FedRAMP, GDPR, and more. PDF evidence packs.

AI Security Chat

Claude-powered assistant aware of your actual findings, accounts, and compliance state. Not generic advice.

Perimeter from $499/mo

FORESIGHT

ADD-ON MODULE

Predictive Security & Operations Agent for Perimeter

Available with Perimeter Growth+
Predict what will go wrong — before it does

FORESIGHT is a SENTINEL sub-agent that shifts Perimeter from reactive detection to proactive forecasting. While existing tools answer "what is wrong now?", FORESIGHT answers "what will go wrong next, and when?" — by analyzing CloudTrail patterns, CloudWatch metrics, IAM policy evolution, and configuration drift history to forecast security issues 24–72 hours before they materialize.

Without FORESIGHT (Reactive)
Detect misconfiguration after it occurs
Alert on Lambda timeout after invocation fails
Report cost anomaly after billing cycle
With FORESIGHT (Predictive)
Predict misconfiguration 24–72 hours before
Forecast timeout risk 15 days ahead
Forecast cost spike 3–5 days before it hits

Six Prediction Domains

Security Drift Forecasting

Predict when teams will create misconfigurations based on sprint-cycle behavioral patterns.

Lambda Timeout Prediction

Forecast timeout failures and memory exhaustion using P99 duration trend analysis.

EKS Capacity Forecasting

Predict cluster capacity exhaustion and pod scheduling failures 1–2 weeks ahead.

IAM Permission Creep

Track IAM policy velocity to predict admin-equivalent permissions within 6 weeks.

Cost Anomaly Forecasting

Predict cost spikes and budget overruns 3–5 days before they hit your billing cycle.

Drift Window Prediction

Identify when manual infra changes will occur based on on-call rotation and team behavior.

ML Model Stack

Meta Prophet — seasonality-aware time-series forecasting
Isolation Forest — anomaly detection on IAM velocity
LSTM — multi-variate prediction (CPU + memory + network)
Claude Haiku — narrative generation & root cause hypothesis

Pre-Staged Remediation

SG drift → time-scoped rule that auto-expires
Lambda timeout → CloudFormation changeset ready
IAM creep → least-privilege policy PR generated
Drift window → Terraform plan/apply before window
≥0.74
Target F1 score across all 6 domains
<60s
Feedback loop latency via EventBridge
≥30%
Pre-remediation rate target (Critical/High)

FORESIGHT is available as an add-on to Perimeter Growth and above. Predicted findings appear in your existing dashboard with a badge.

InfraPilot AI NEW

Validate before you provision

Describe infrastructure in natural language. Get cost prediction, readiness scoring, and guided architecture coaching. No AWS account needed.

InfraCoach: Your AI Cloud Architect

1

Describe

“Deploy a Node.js app with PostgreSQL on AWS”

2

Analyze

Detect gaps in region, scaling, security, backup

3

Coach

One-click fixes for security, scale, reliability

4

Evaluate

Cost estimate, readiness score, risk report

Cost Prediction

Baseline, peak, and hidden costs (NAT Gateway, data transfer, logging) with ±25% accuracy and confidence scoring.

Readiness Scoring

0–100 composite score across security, scalability, reliability, observability, and cost efficiency.

IaC & Arch Scanning

130+ Terraform, CloudFormation, Dockerfile rules + 30 architecture diagram rules. Shared engine with Perimeter.

What-If Simulation

Simulate 5× traffic spikes and AZ failures. See concrete cost, latency, and recovery time impact.

CI/CD Integration

GitHub Actions, GitLab CI, Bitbucket. PR scanning, policy gates, diff-aware analysis. Block merge on critical findings.

Auto-Fix Recs

Every risk paired with prioritized, actionable recommendations ranked by impact-to-effort ratio with cost impact.

InfraPilot from $49/mo

Integrations

Fits into your workflow

Both products integrate with the tools your team already uses.

Jira
Tickets
Slack
Alerts
PagerDuty
On-call
Okta SSO
Identity
Splunk
SIEM
Webhooks
Custom

Plus: Linear, Asana, OpsGenie, ServiceNow, Microsoft Teams, Datadog, GitHub Actions, GitLab CI, Azure AD, and SAML 2.0.

AI Engine

Tiered AI. Local-first inference.

Claude for complex reasoning. Ollama for high-volume tasks. Zero API cost on 70% of LLM calls. Full data sovereignty option.

Tier 1: Claude API

Complex reasoning • Customer-facing

AI Security Chat — multi-finding reasoning
InfraCoach — guided architecture coaching
Vision analysis — architecture diagram scanning
Root cause — FORESIGHT causal reasoning
~30% of LLM calls • High-value, low-volume

Tier 2: Ollama (Local)

Zero API cost • Data stays in VPC

FORESIGHT narratives — prediction summaries
Intent extraction — NL to infra components
IaC explanations — finding remediation text
AutoResearch agent — autonomous optimization
~70% of LLM calls • $0/call • Llama 3.1 8B / Mistral 7B on CPU
$0
Per Ollama call
No GPU
CPU-only inference
100%
Data stays in VPC
Auto
Fallback between tiers
Full Data Sovereignty Mode

Enterprise customers can run all AI tasks through Ollama locally — zero external API calls. Meets QCB (Qatar) and MAS (Singapore) data residency requirements.

AutoResearch AUTONOMOUS

The platform gets smarter every night

Inspired by Karpathy's autoresearch. An LLM agent autonomously tunes parameters, runs evaluations, keeps improvements, discards regressions. 200+ experiments per night at $5/month.

The Autonomous Loop

1

Read Brief

Agent reads program.md with optimization goals

2

Mutate Config

Ollama agent tweaks parameters in config.yaml

3

Evaluate

Immutable eval harness scores against labeled data

4

Keep or Discard

Better? Keep. Worse? Revert. Ratchet forward.

Repeat

200-500 experiments per night. Autonomous.

What Gets Better Every Night

Cost Prediction Accuracy

InfraPilot

Tunes NAT Gateway, data transfer, and logging cost multipliers against real AWS bills.

Metric: MAPE 500 experiments/night

Readiness Score Calibration

InfraPilot

Optimizes dimension weights so scores predict real deployment outcomes.

Metric: Spearman r 300 experiments/night

Scanner Severity Tuning

Perimeter

Calibrates severity thresholds to maximize real incident detection, minimize false positives.

Metric: F1 score 200 experiments/week

FORESIGHT Model Tuning

Foresight

Tunes Prophet and Isolation Forest hyperparameters for better prediction accuracy.

Metric: Composite F1 100 experiments/night

Suggestion Ranking

InfraPilot

Optimizes InfraCoach suggestion ordering to maximize user acceptance rate.

Metric: acceptance@3 200 experiments/week
$5/mo
Total infrastructure cost
Runs on Ollama (zero API cost)
No GPU required
Compound advantage: competitors using static rules can't keep up

Inspired by Karpathy's autoresearch — adapted from ML training to SaaS configuration optimization. Same three-file pattern: human writes the brief, agent runs the experiments, eval harness can't be gamed.

Pricing

Two products. Buy separately or bundle.

Each product works standalone. Bundle both for 25% savings.

Essentials

Core cloud security

$499/mo
2 AWS accounts · 3 seats
  • 476 security rules
  • Real-time drift
  • IaC scanning
Start Trial
POPULAR

Growth

Full detection suite

$1,499/mo
10 accounts · 10 seats
  • Everything in Essentials
  • CIEM + Insider Threat
  • CVE Scanner + AI Chat
Get Started

Assure

Compliance & audit

$2,999/mo
25 accounts · 20 seats
  • Everything in Growth
  • 19 compliance frameworks
  • PDF evidence packs
Contact Sales

Enterprise

Custom everything

Custom
Unlimited accounts + seats
  • SSO / SAML
  • Custom rules + RBAC
  • Premium support
Contact Sales

Secure your cloud lifecycle

Start with InfraPilot for free — no AWS account needed. Add Perimeter when you’re ready to monitor production. Zero credentials stored.

Try InfraPilot Free Start Perimeter Trial